You can’t secure what you can’t see: the data challenge
The tidal wave of data Data is undoubtedly a key asset today, but all it takes is a breach to...
Year: 2025
Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini December 07, 2025 A new round of...
Porsche outage in Russia serves as a reminder of the risks in connected vehicle security
Porsche outage in Russia serves as a reminder of the risks in connected vehicle security Pierluigi Paganini December 07, 2025...
The State of the 2025 Cyber Workforce: Skills Gaps, AI Opportunity and Economic Strain
Over the past few years, I have learned quite a bit about the cyber workforce from the annual ISC2 workforce...
Inside Shanya, a packer-as-a-service fueling modern attacks
We have covered packer-as-a-service offerings from the computer underworld in the past, previously dissecting impersonation campaigns and the rise of...
This Week in Scams: Phony AI Ads, Apple Account Takeover Attempts, and a PlayStation Scam
For this week in scams, we have fake AI-generated shopping images that could spoil your holidays, scammers use an Apple...
Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs
Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs Pierluigi Paganini December 06, 2025 A hacking campaign is targeting...
Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties...
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Dec 06, 2025Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated...
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Dec 06, 2025Ravie LakshmananVulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a...
Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know
Main Takeaways:CVE-2025-55182 is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js,...
Uniting Global Leaders Against Cyber Terrorism
Uniting Global Leaders Against Cyber Terrorism The fight against terrorism has moved to a new battlefield: the digital frontier. Last...
Maximum-severity XXE vulnerability discovered in Apache Tika
Maximum-severity XXE vulnerability discovered in Apache Tika Pierluigi Paganini December 06, 2025 A maximum severity vulnerability in Apache Tika, tracked...
Insecure use of Signal app part of wider Department of Defense problem, suggests Senate report
In short, while there was no evidence that unsanctioned app use is routine or normalized, it is likely that enough...
